[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 1/4] sha1sum: use AF_ALG when available
From: |
Bruno Haible |
Subject: |
Re: [PATCH v2 1/4] sha1sum: use AF_ALG when available |
Date: |
Sun, 06 May 2018 02:42:58 +0200 |
User-agent: |
KMail/5.1.3 (Linux/4.4.0-119-generic; KDE/5.18.0; x86_64; ; ) |
Assaf Gordon wrote on 2018-04-25:
> On more general note, while the Crypto API is available since version 2.6.38,
> There are still some issues popping here and there.
> for example:
> https://security-tracker.debian.org/tracker/CVE-2016-8646
> https://bugzilla.redhat.com/show_bug.cgi?id=1395896
>
> Another example, the libkcapi [1] library (referenced from the kernel crypto
> api documentation)
> contains a work-around for a bug in kernels pre-4.9 [2].
> I don't know if this is relevant for your implementation or not,
> but if it is, it's worth checking for this and other issues.
> [1] http://www.chronox.de/libkcapi.html
> [2]
> https://github.com/smuellerDD/libkcapi/commit/b8d5941addb15fe5a716eef24060fbd306c06ec9
To me, it looks like all these bugs occur in the same case: namely,
when zero-sized input is given. That is, precisely the bug that my unit
tests found.
2018-05-05 Bruno Haible <address@hidden>
af_alg: Improve comments.
* lib/af_alg.c (afalg_stream): Improve comment about kernel bug.
diff --git a/lib/af_alg.c b/lib/af_alg.c
index dc3ac6a..3b35e01 100644
--- a/lib/af_alg.c
+++ b/lib/af_alg.c
@@ -96,8 +96,8 @@ afalg_stream (FILE *stream, const char *alg, void *resblock,
ssize_t hashlen)
ret = -EIO;
goto out_ofd;
}
- /* On Linux 4.4.0 at least, the value for an empty stream is wrong
- (all zeroes). */
+ /* On Linux < 4.9, the value for an empty stream is wrong (all zeroes).
+ See <https://patchwork.kernel.org/patch/9434741/>. */
if (!non_empty)
{
ret = -EAFNOSUPPORT;
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [PATCH v2 1/4] sha1sum: use AF_ALG when available,
Bruno Haible <=